
package com.bei_en.teacher.management.shiro;

import java.util.concurrent.atomic.AtomicInteger;
import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;

/**
 *
 * <p>Description: 限制登录次数，如果5次出错，锁定5分钟</p>
 * <p>Company: 静之殇工作室</p>
 * @author wjggwm
 * @date 2016年1月5日 下午5:43:32
 */
public class LimitRetryHashedMatcher extends HashedCredentialsMatcher {

    Logger log = Logger.getLogger(this.getClass());
    private Cache<String, AtomicInteger> passwordRetryCache;

    public LimitRetryHashedMatcher(CacheManager cacheManager) {

	passwordRetryCache = cacheManager.getCache("my_passwordRetryCache");
    }

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {

	String username = (String) token.getPrincipal();

	// 尝试登录次数+1
	AtomicInteger retryCount = passwordRetryCache.get(username);

	if (retryCount==null) {
	    retryCount = new AtomicInteger(0);
	    passwordRetryCache.put(username, retryCount);
	    log.warn(username+":尝试登录次数=1");
	}

	if (retryCount.incrementAndGet()>5) {
	    // 如果尝试登录次数大于5
	    log.warn(username+":尝试登录次数大于5");
//	    throw new ExcessiveAttemptsException();
	}
//	passwordRetryCache.put(username, retryCount);

	boolean matches = super.doCredentialsMatch(token, info);

	if (matches) {
	    // 移除该用户的登录记录
	    passwordRetryCache.remove(username);
	}

	return matches;
    }

}
